General

  • Target

    afra.exe

  • Size

    5.8MB

  • MD5

    6008e97b1f47db5e30855388d75fc4c8

  • SHA1

    d6e965b53dc6b53218b998324dac8ac9c26b5c60

  • SHA256

    66e1e97f4c35a92b98118372363776018062cd9aa82afe1915d653463dff43a1

  • SHA512

    54b48695ca932659295ebf5426ac9debcc2b181ebc94ce58388ec3e2b7f14557c60805cfd3e3047e93343df383b00bde4fcd84f71d6361e732541eea21b67c09

  • SSDEEP

    98304:6hVnXiW0958S8wQlwBaptY5Igy5+JpOMx0Vf8G4jwfJmNLvN:6hVnXiW095OflwoMuaG4jwxmv

Score
10/10

Malware Config

Signatures

  • Detect ZGRat V1 (1 IoC)
  • Zgrat family
  • .NET Reactor protector (1 IoC)

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • afra.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

